Sonar is a security researcher's Swiss army knife for finding and exploiting vulnerabilities that require out-of-band interactions
☆21Mar 11, 2026Updated last month
Alternatives and similar repositories for sonar
Users that are interested in sonar are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Mar 26, 2022Updated 4 years ago
- PoC of using Directus as ASPM☆13May 31, 2024Updated last year
- GraphQL application security testing helper☆20May 22, 2023Updated 2 years ago
- Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).☆68Jun 16, 2018Updated 7 years ago
- A list of checks with tips for analyzing the security of Android applications☆14Nov 19, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆17Jun 7, 2024Updated last year
- Various wordlists for bruteforce☆36Nov 9, 2021Updated 4 years ago
- ☆32Oct 7, 2023Updated 2 years ago
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆25Oct 30, 2024Updated last year
- Check bitrix vulnerabilities☆94Jan 22, 2024Updated 2 years ago
- 浏览器XSS 过滤器Fuzzing 框架 (browser xss aduit fuzzing framework )..☆15Sep 13, 2016Updated 9 years ago
- ToolShell scanner - CVE-2025-53770 and detection information☆19Dec 7, 2025Updated 4 months ago
- Oyedata is a tool to perform OData assessments☆13Aug 3, 2012Updated 13 years ago
- steal cookies from website using xss☆12Mar 25, 2020Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆37Apr 6, 2026Updated 3 weeks ago
- Extract uncompiled, uncompressed SPA code from Webpack source maps. A fork of @rarecoil's work.☆13Jul 11, 2024Updated last year
- Python utility to takeover domains vulnerable to AWS NS Takeover☆86Feb 2, 2023Updated 3 years ago
- SAP penetration testing Web and network cheatsheet☆17May 15, 2022Updated 3 years ago
- https://bc-security.gitbook.io/empire-wiki/☆13Aug 2, 2023Updated 2 years ago
- [CVE-2020-14882] Oracle WebLogic Server Authenticated Remote Code Execution (RCE)☆13Nov 9, 2020Updated 5 years ago
- Bash Enumeration Script☆18Oct 18, 2019Updated 6 years ago
- This automation protect against subdomain takeover on AWS env which also send alerts on slack.☆11Aug 1, 2021Updated 4 years ago
- Транслятор запросов к LLM Yandex Cloud из SDK OpenAI☆19Jan 10, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Chase subdomains by parsing the results of Google and Yandex search results☆15Sep 29, 2023Updated 2 years ago
- If you're using Burp Suite Community Edition and want to supercharge your workflow with some powerful AI assistance – without needing Bur…☆47Apr 16, 2025Updated last year
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 7 years ago
- Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used …☆250Dec 9, 2025Updated 4 months ago
- Uzbek cyrillic/latin alphabetic, upper/lower/capital-case, name/surname/patronymic wordlists (dictionaries) and their combinations☆13Aug 4, 2022Updated 3 years ago
- ☆14Aug 10, 2022Updated 3 years ago
- FVWA (Flask Vulnerable Web Application)☆17Oct 14, 2024Updated last year
- PoC for distributed NTP reflection DoS (CVE-2013-5211)☆10Oct 4, 2019Updated 6 years ago
- Hybrid Botnet over TOR targeting Linux machines☆11Aug 1, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Nuclei security scanning server based on MCP (Model Control Protocol), providing convenient vulnerability scanning services.一个基于 MCP (M…☆21Aug 24, 2025Updated 8 months ago
- NTLMRelay for MS Exchange☆11Nov 13, 2018Updated 7 years ago
- ☆42Apr 23, 2025Updated last year
- GitLab CI security tools runner☆18Feb 3, 2023Updated 3 years ago
- Generates a DEBUG PIN for flask applications based on Werkzeug☆19Nov 22, 2023Updated 2 years ago
- AES-GEM (AES Galois Extended Mode) implementation.☆13Feb 9, 2026Updated 2 months ago
- ☆12Feb 4, 2025Updated last year